> On Aug 11, 2018, at 9:22 AM, Richard Weinberger <richard@xxxxxx> wrote: > > Hi! > > I have a hard time figuring how to write a DTLS UDP server that supports multiple > clients. My dummy single user server works fine. > > To support multiple clients I tried two approaches: > 1. singled threaded async IO, preferred since I have to deal with many clients > 2. multi threaded, one thread per client > > Both approaches seem to be doomed for the very same reason, namely that > DTLSv1_listen() does peek into the kernel queue and does not consume > the client hello from the UDP socket. > > Both loop around DTLSv1_listen() and as soon the function returns > 0 a new > socket for the client is created using bind/connect and the client address > as returned by DTLSv1_listen(). > > This client socket is then passed to a new thread or feed into the event loop. > In both cases the client hello is still in the queue of the server socket > and the program will over and over create new client sockets. > > After searching the web for examples I've found this thread[0], where the approaches > I tried are advertised. > In [1] the demo server at [3] is suggested as good example. > > dtls_udp_echo.c from [3] does exactly what I did in my 2nd approach, and it fails in > the same way. > As soon one client connects, it creates over and over new sockets until it dies due > to too many open files. > > After digging a bit into the source it looks to me like since commit [3], > DTLSv1_listen() assumes that you re-use the same socket for the new client. > Which makes supporting multiple clients impossible. > > Given that I'm not an OpenSSL DTLS expert I still hope I miss something. > Can you please help me to figure what the correct approach for multiple clients is? > > Thanks, > //richard Have you tried using Libevent? It supports SSL/TLS/DTLS connections. -Philip -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
